271 matches found
CVE-2026-45996
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45996 spi: imx: fix use-after-free on unbind
In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...
CVE-2026-45996
The CVE-2026-45996 issue affects the Linux kernel SPI imx driver, where a use-after-free can occur on unbind because the SPI subsystem frees controller and subsystem data during deregistration unless the allocation is device-managed. The fix adds a reference before deregistering the controller so...
CVE-2026-45956
The CVE-2026-45956 entry concerns the Linux kernel DRM Exynos driver (vidi) where vidi_connection_ioctl() incorrectly reads driver_data from drm_dev->dev, which points to the exynos-drm master device rather than the vidi component device. This mismatch can trigger null pointer dereferences, ga...
CVE-2026-45956 drm/exynos: vidi: use priv->vidi_dev for ctx lookup in vidi_connection_ioctl()
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use priv-vididev for ctx lookup in vidiconnectionioctl vidiconnectionioctl retrieves the driverdata from drmdev-dev to obtain a struct vidicontext pointer. However, drmdev-dev is the exynos-drm master device, an...
PT-2026-43781
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the ibmpex driver. The issue occurs because driver data is set to NULL before sensor attributes are removed. The function ibmpex show sensor retrieves this...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of driverdata from drmdev in the exynos-drm driver. This improper use can lead to null...
PT-2026-43863
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the SPI subsystem of the Linux kernel. The subsystem frees the controller and any allocated driver data during deregistration, unless the allocation is...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: Fixed a kernel oops in btmtksdiointerrupt. Fixed the following kernel oops in btmtksdiointerrrupt: 14.339134 btmtksdiointerrupt+0x28/0x54 14.339139 processsdiopendingirqs+0x68/0x1a0 14.339144...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211: Fixed a race condition when enabling fast-xmit. fast-xmit must only be enabled after the station has been uploaded to the driver. Otherwise, it might pass the yet-to-be-uploaded station through drvtx calls to the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dsi: Store driver data before invoking mipidsihostregister The call to mipidsihostregister triggers a callback to mtkdsibind, which uses devgetdrvdata to retrieve the mtkdsi structure. Therefore, this structure must...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: extcon: The extcon device is modified to be created after the driver data is set. Currently, someone can invoke sysfs functions such as stateshow intermittently before devsetdrvdata is performed. This can lead to kernel errors...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: llcc: Handle a second device without data corruption. Usually, there is only one llcc device. But if there were a second one, even a failed probe call would modify the global drvdata pointer. Therefore, check whether...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Firmware: stratix10-svc – fixed an error in saving controller data. The incorrect use of platformsetdrvdata and devsetdrvdata has also been corrected. Both these functions refer to the same data, and they override each other...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fixed incorrect retrieval of acpchipinfo. Instead of using devgetplatdatadev, use devgetdrvdatadev-parent to correctly retrieve acpchipinfo members in the acp I2S driver. Previously, some members were not updated...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: hwmon: ibmpex Fixed a possible Use-after-Allocation UAF condition when ibmpexregisterbmc fails. A warning message was generated as follows: drivers/hwmon/ibmpex.c:509: Error message from ibmpexregisterbmc: “&data-list” was not...
SUSE CVE-2026-43259
In the Linux kernel, the following vulnerability has been resolved: phy: fsl-imx8mq-usb: set platform driver data Add missing platformsetdrvdata as the data will be used in remove...
CVE-2026-43401 cpufreq: intel_pstate: Fix NULL pointer dereference in update_cpu_qos_request()
In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix NULL pointer dereference in updatecpuqosrequest The updatecpuqosrequest function attempts to initialize the 'freq' variable by dereferencing 'cpudata' before verifying if the 'policy' is valid. This issu...
CVE-2026-43401
The CVE-2026-43401 issue affects the Linux kernel's intel_pstate component. A NULL pointer dereference can occur in update_cpu_qos_request() when the code dereferences cpudata before validating the policy, especially on systems booted with nosmt where all_cpu_data[cpu] may be NULL for SMT sibling...
CVE-2026-43175
A flaw was found in the Linux kernel's clk: rs9 component. An out-of-bounds write vulnerability exists due to insufficient allocation of struct clkhw slots. This can lead to corruption of struct rs9driverdata content and surrounding data, potentially causing a system crash, especially when the...